<?php
            session_start();
            $con = mysql_connect("localhost","root","alaamagwa");
            $db_select=mysql_select_db("draftsstore");
            $username = $_POST['username'];
            $pass = $_POST['password'];
            $salt= substr($username , 0 , 2);
            $enc_pass = crypt($pass ,$salt);
            $query = "SELECT * FROM users WHERE username = '{$username}' AND password ='{$enc_pass}'";
            $queryset = mysql_query($query,$con); // pass the query
            while($query_row=mysql_fetch_array($queryset)){
                $_SESSION['uname'] = $query_row['username'];
                $_SESSION['password'] = $query_row['password'];
            }  
            
        }
    if(isset($_SESSION['uname']) && $_SESSION['password']){
        header("location:home.php");
    
    }
?>
